BACKGROUND
Field of Invention
[0001] Embodiments of the present invention relate generally to systems and methods for
authentication, and more specifically to systems and methods for multi-factor biometric
authentication.
Discussion of Related Art
[0002] In this digital age, if information is not adequately protected, it may be compromised
by accident or design and cause an information breach. Consequences of such breaches
may be severe. For businesses, where information is a form of commerce, a breach may
entail regulatory and corresponding financial penalties, punitive legal action, and
loss of reputation and business. For an individual, identity theft and damage to financial
history may take years to resolve and cost thousands of dollars. Information and the
protection of it, represents a critical and complex issue for modem society as a whole.
[0003] Most information systems today typically require some form of authentication to confirm
the identity of an individual or system seeking to gain access. This authentication
may be a simple pairing of two elements such as a "user name" and associated "password."
Other more complicated authentication groupings may exist where a third element, such
as a physical token, is included, where all the information must be known to grant
access. This paradigm may create several problems for an individual or system seeking
to gain authorized access. First, is the number of required element permutations to
recall for each authentication, which may number in the several dozens for an individual.
Second, are programs generically known as "password keepers" that with knowledge of
a single pairing of "username" and "password" may reveal all authentication elements
for an individual or system. Finally, while convenient, storage of such authentication
credentials in a typical computer browser, may lead to unauthorized access by individuals
who gain access to a computer terminal itself, or intercept the transmitted stream
of information from such a device.
[0004] Unlike the use of other forms of authentication, such as a unique pairing of elements,
for example, "usernames" and "passwords," biometric authentication provides a very
strong linkage between an individual and a claimed identity. Utilization of biometric
identification may also be combined with more typical authentication such as the pairing
of elements as described above. In this way authentication from multiple independent
categories may be created to allow a multi-factor authentication system. Such a system
employs not only specific user knowledge, but also characteristics unique to only
the individual to be authenticated, thereby creating both a very secure and easily
recalled authentication sequence.
SUMMARY
[0005] Biometric authentication allows for an individual to be their own password. In cases
where a single biometric signal is required with no other authentication, even if
biometric in nature, that authentication may be fairly simple to circumvent. Principles
of the present invention allow permutations of biometric (
inherence) authentication coupled with
knowledge based authentication to allow an individual to be their own password and couple
knowledge based authentication, creating multi-factored authentication that is both easy for
a user to recall while being very secure.
[0006] Aspects of the present invention relate generally to multi-factor biometric authentication.
Principles of the invention provide systems and corresponding methods for multi-factor
biometric based authentication and access control systems. These systems may include
a sensor configured to detect a series of biometric signals, a storage device configured
to store a predefined series of biometric signals, and an authentication processor
that compares the series of biometric signals received from the sensor to the predefined
series of biometric signals stored and transmits an authentication signal if the detected
and predefined biometric signals match.
[0007] Principles of the invention further demonstrate that the authentication and access
control systems may further define the series of biometric signals be created by one
of a fingerprint, palm print, vein pattern, or any permutation thereof. The authentication
and access control systems may also include the authentication signal to cause automatic
execution of physical access, electronic access, or transmission of information. The
authentication and access control systems may also be further comprised of a communication
interface. The authentication and access control systems may also be further comprised
of a lock mechanism. The authentication and access control systems may also be comprised
of an authentication server that contains the predefined series of biometric signals.
The authentication and access control systems may also be comprised of a display coupled
to the sensor configured to detect the series of biometric signals where the display
may be configured to detect the series of biometric signals at any location within
the display.
[0008] Principles of the invention further demonstrate that the authentication and access
control method may include detecting, a series of biometric signals with a sensor,
accessing a predefined series of biometric signals from a storage device, comparing
the series of biometric signals received from the sensor to predefined series of biometric
signals accessed from the storage device with an authentication processor and, transmitting
an authentication signal if the detected and predefined biometric signals match.
[0009] Principles of the invention further demonstrate that the authentication and access
control methods may detect biometric signals created by one of a fingerprint, palm
print, vein pattern, or any permutation thereof. The authentication and access control
method may transmit an authentication signal automatically, which authorizes physical
access, electronic access, or transmission of information. The authentication and
access control method may further comprise transmitting the sensed biometric signals,
predefined series of biometric signals, or authentication signal through a communication
interface to an external network. The authentication and access control method may
further comprise articulating a lock mechanism on transmitting the authentication
signal. The authentication and access control method may further comprise communicating
with an authentication server configured to process the predefined series of biometric
signals. The authentication and access control method may further comprising a display
coupled to the sensor configured to detect the series of biometric signals at any
location within the display.
BRIEF DESCRIPTION OF THE DRAWINGS
[0010] The accompanying drawings are not intended to be drawn to scale. In the drawings,
each identical or nearly identical component that is illustrated in various figures
is represented by a like numeral. For purposes of clarity, not every component may
be labeled in every drawing. In the drawings:
FIG. 1 is a functional block diagram of a system in accordance with one embodiment of the
present invention;
FIG. 2 is a functional block diagram of a system in accordance with one embodiment of the
present invention;
FIG. 3 is a flowchart of a process that may be implemented in accordance with one embodiment
of the invention;
FIG. 4 is a functional block diagram of a system in accordance with one embodiment of the
present invention;
FIG. 5 is a pictorial representation of possible biometric data points used in accordance
with embodiments of the present invention;
FIG. 6 is a pictorial representation of a system in accordance with embodiments of the present
invention.
DETAILED DESCRIPTION
[0011] This invention is not limited in its application to the details of construction and
the arrangement of components set forth in the following descriptions or illustrated
by the drawings. The invention is capable of other embodiments and of being practiced
or of being carried out in various ways. Also, the phraseology and terminology used
herein is for the purpose of descriptions and should not be regarded as limiting.
The use of "including," "comprising," "having," "containing," "involving," and variations
herein, are meant to be open-ended, i.e. "including but not limited to."
[0012] In today's world, if information is not adequately protected, it may be compromised
by accident or design and cause an information breach. Consequences of such breaches
may be severe and punitively expensive.
[0013] To protect information, authentication of the individual or system seeking to gain
access is performed through a series of challenges or authentication factors. An authentication
factor may be a category of credential used to verify an identity. One category of
authentication factor is the
knowledge factor, which is generally defined as a user having specific knowledge, such as a username
or password permutation. A second category of authentication factor is the
possession factor, which is generally defined as a user physically possessing an object, such as a
keycard. A third category of authentication factor is the
inherence factor, which is generally defined as a fundamental biological trait of the user, such as
a fingerprint. When multiple factors are used in concert to authenticate a user, a
multi-factor authentication system is formed.
[0014] Other authentication factors exist as do several examples of characteristics within
each existing authentication factor. Examples and permutations of which may include,
but are not limited to, Global Positioning System (GPS) location, time, security tokens,
proximity card devices, "behaviormetrics" (
how a person acts is measured, such as the gait of an individual's walk), plethysmography
(volume of an individual's particular body part is measured), human generated bio-electric
fields, ear lobe geometry, blood composition, and DNA sequencing, among others.
[0015] Aspects of the present invention relate generally to multi-factor biometric authentication
that include systems and corresponding methods for multi-factor biometric based authentication
and access control systems. This satisfies the need for a multi-factor authentication
system to employ not only specific user knowledge
(knowledge factor authentication), but also characteristics unique to only an individual to be authenticated
(
inherence factor authentication), thereby creating both a very secure and easily recalled authentication
sequence.
[0016] FIG.
1 includes many exemplary systems for multi-factor biometric authentication in accordance
with principles of the invention
100. A sensor
110 is connected to a storage device
120, and authentication processor
130. These devices are connected via a network
140.
[0017] A sensor
110 may be capable of receiving biometric signals generally considered
inherence authentication factors. These factors may include but are not limited to, fingerprint,
palm vein, wrist vein, retinal pattern, signature, facial, vocal, bio-electric, hand
geometry, and iris recognition. This sensor may contain a single sensing element,
or a plurality of sensing elements that may receive multiple biometric signals simultaneously,
sequentially, time based, or in any other pattern. A sensor
110 may also be capable of displaying other information such as a virtual keyboard with
a pictograph set to allow a biometric signal to be received at a particular location
corresponding to a particular pictograph, thereby creating a multi-factor (
inherence and
knowledge based) authentication sequence.
[0018] A storage device
120 may include a computer readable and writeable nonvolatile recording medium in which
information or signals are stored to perform one or more functions associated with
embodiments described herein. The medium may, for example, be a flash memory. Typically,
in operation, a processor
130 causes data to be read from the nonvolatile recording medium into another memory
which allows for faster access to the information by the processor
130 than does the computer readable and writable medium. This memory is typically a volatile,
random access memory such as a Dynamic Random Access Memory (DRAM) or Static Random
Access Memory (SRAM). It may be located as part of a larger storage system, a processor
130, or in another memory system. A processor
130 generally manipulates the data within the integrated circuit memory and then copies
the data to the medium after processing is completed. A variety of mechanisms are
known for managing data movement between the medium and the integrated circuit memory
element and the invention is not limited thereto. It should be appreciated the invention
is not limited to a particular memory system or storage system
120.
[0019] An authentication processor
130 may be, for example, based on Intel PENTIUM-type processor, Motorola PowerPC, Sun
UltraSPARC, Hewlett-Packard PA-RISC processors, or any other type of processor. The
authentication processor
130 may also be based on an embedded processor, System on a Chip (SoC), Application Specific
Integrated Circuit (ASIC), Field Programmable Gate Array (FPGA), or any other type
of processor specific to an embedded application. Aspects of the invention may be
implemented in software, hardware, firmware, or any permutation thereof. Further,
such methods, acts, systems, system elements, and components thereof may be implemented
as part of the computer system described above or as an independent component. The
authentication processor
130 may perform a wide range of computational tasks of a general or specific nature relating
to the operation of the system depicted in FIG
1. As an illustrative example, one function may be to compare a series of biometric
signals detected from the sensor
110 to a set of predefined biometric signals received from the storage device
120. If the biometric signals detected from the sensor
110 matches the set of predefined biometric signals received from the storage device
120, an authentication signal may be transmitted.
[0020] Connecting the sensor
110, storage device
120, and authentication processor
130 is a network
140. This network may be made up of wired, wireless, or a hybrid comprising both types
of connections. Wired connection types may include, but are not limited to, any physical
cabling method such as category 5 cable, coaxial, fiber, or any other physical media
to propagate electrical signals for purposes that may include providing power to a
device, transmission of data, or both, such as Power Over Ethernet (POE). Wireless
data connections may include, but are not limited to Personal Area Networks (PAN),
Local Area Networks (LAN), Wi-Fi, Bluetooth, cellular, global, or space based communication
networks. It is well understood that these types of computing devices illustrated
within an example of the system
100 shown in FIG.
1 are intended to be illustrative only and that computing nodes and various networking
environments may communicate with any type of computerized device over any type of
network with addressable or direct connections.
[0021] FIG.
2 also includes many exemplary systems for multi-factor biometric authentication in
accordance with principles of the system invention
200. A plurality of sensors
210a - 210n is connected to a storage device
220, authentication processor
230, and network
240. Each of these components is detailed supra with their corresponding elements and
descriptions from FIG.
1.
[0022] In FIG. 2 the plurality of sensors
210a - 210n may be capable of receiving biometric signals of any type. Each sensor may be capable
of receiving one or multiple types of biometric signals. Any combination of such sensors
may be used in an effort to increase the number of authentication factors and as a
result increase an overall security level.
[0023] As one of many possible examples, a system may include both a biometric sensor designed
to receive vocal patterns
210a and a biometric sensor designed to receive fingerprint patterns
210n. Both sensors may accept correct biometric inputs simultaneously, in a particular
sequence, or within a periodic time. A storage device
220 may retain a predetermined sequence of biometric signals for the plurality of sensors,
which may be processed by an authentication processor
230. In such a case the plurality of biometric sensors must each be presented correct
biometric signals for an authentication signal to be transmitted. It is noteworthy
that each sensor
210a - 210n need not be capable to receive only biometric inputs. Other sensors which may accept
a physical object (
possession factor authentication), such as a proximity card detector, or which may require knowledge
(
knowledge factor authentication), such as a keypad, may also be utilized within the plurality of sensors.
[0024] An example of the plurality of sensors being a combination of
knowledge, possession, and
inherence factors, may include a keypad sensor requiring
knowledge of a Personal Identification Number (PIN), a proximity sensor requiring a user to
possess a keycard, and a retina scanner to detect particular
inherent patterns of a users' inner eye. In this way not only may a plurality of sensors be
utilized in a system, but a plurality of sensor types may be used in a system.
[0025] FIG.
3 includes a flowchart of a process that may be implemented in accordance with embodiments
of the invention for multi-factor biometric authentication
300. To begin a sequence, a series of biometric signals is detected
310 by a sensor
110, 210a-210n. This detection may be a single biometric detection, a series of biometric detections,
or several simultaneous biometric detections. Upon receipt of such biometric signals,
embodiments of the multi-factor biometric authentication system
100, 200 access a predefined series of biometric signals
320 which may have been retained in a storage device
120, 220 through a process of enrolment or importation from another data source. Such an enrolment
process will allow at least one predefined series of biometric signals and allow a
basis for a comparison.
[0026] Once a series of biometric signals is detected
310 by a sensor
110, 210a-210n and a predefined series of biometric signals has been accessed
320 which may have been retained in a storage device
120, 220 the two sets of biometric signals are compared
330. It should be noted based on the size of the storage device
120, 220 a large number of predefined biometric signals may be stored. This may require substantial
processing capacity from the authentication processor
130, 230 which may contain specialized software, firmware, or co-processing ability to prioritize
the comparison of the detected biometric signals
310 and predefined series of biometric signals
320. This may be the case as providing a user an authentication signal without substantial
perceived delay is a user experience factor. It should be appreciated by those skilled
in the art, the comparison of the biometric signals
330 may be accomplished by a variety of available methods.
[0027] Once the comparison of the biometric signals
330 is completed, a determination may be made if the signals match through the use of
the authentication processor
130, 230. If a match of the biometric signals does not exist
350, an authentication signal is not transmitted and the process will return to detecting
a series of biometric signals
310. If however these biometric signals do match
340, an authentication signal will be is transmitted
360 and the process will return to detecting a series of biometric signals
310.
[0028] Principles of the invention allow for a variety of uses for the transmitted authentication
signal
360. Such a signal may permit or automatically execute any number of actions for physical
access, electronic access, or transmission of information. For physical access, the
transmitted authentication signal
360 may be used to grant physical access to a building, room, container, vessel, or any
other enclosure type through articulation of one or more individual or grouped lock
mechanisms. Electronic access may be granted to any number of electronic resources,
one example may be access to a program to transmit and receive email, on transmission
of the authentication signal
360. It should be appreciated access to any such resource may be possible. Further, the
transmitted authentication signal
360 may be used to transmit sensitive information such as banking information as part
of a commercial purchase. Various embodiments will provide for a wide array of systems
and access types utilized in the state of the art.
[0029] An illustrative example may be a modem data center that requires the authentication
of users for entry into the data center room itself that may be controlled by a single
or multiple lock mechanisms as well as access into individual racks that may contain
Information Technology (IT) equipment within the data center each may have their own
individual lock mechanisms. As the number of individuals authenticated for access
to the data center room itself may be larger than that of any single IT rack, various
authentication points would be required as would various authentication levels. So
while a security guard may be able to enter the data center room itself which may
be accessed by one lock mechanism, to visually inspect the racks of equipment, it
may also properly deny authorization to enter any IT rack outside the purview of the
security guard which also maintains a lock mechanism requiring separate authentication.
Examples of such tiered security paradigms are replete within the industry and principles
of the invention align themselves well to such security paradigms.
[0030] It should be appreciated, principles of the invention allow for a variety of embodiments
utilizing the process shown in FIG.
3. In various embodiments, when the authentication process
300 compares biometric signals
330 on either a match of the signals
340, or no match of the signals
350, the process terminates creating a onetime opportunity for a user to be correctly
authenticated before the state of the system changes, which may include disabling
the system indefinitely, for a period of time, or some fixed number of attempts to
authenticate. Further, other signals may be sent by the authentication processor
130, 230 in addition to the authentication signal
360, which may include alerting authorities, enabling other security measures, or disabling
any systems the authentication is intended to protect. In one embodiment as an alternative
to an authentication signal, a duress signal may be sent to take action in such an
event such as erasing an electronic device or altering appropriate authorities, among
others.
[0031] It should be appreciated by one skilled in the art that a variety of embodiments
of the system shown in FIG
4 in accordance with embodiments of the invention
400 while utilizing the various embodiments of the process flow depicted in FIG
3 are possible. In one embodiment a sensor
410 is connected to a storage device
420, and authentication processor
430. These devices are connected via a network
440. In addition, a communication interface
450 is connected to an external network
470, which in turn is connected to an authentication server
460. In this embodiment the sensor
410, storage device
420, authentication processor
430, and network
440 are operated in a manner detailed supra with reference to FIG. 1, FIG.
2, and FIG
3. In addition, the communication interface
450 may be of a wired or wireless type and utilize a communication protocol, such as
TCP/IP to effect communication between devices. It should be appreciated that that
the invention is not limited to any particular distributed architecture, network,
or communication protocol and may communicate any signal from embodiments of the invention
400 across any external network
470 to any other networked structure, such as the cloud for use in any application that
may make use of such data.
[0032] In alternate embodiments a specific authentication server
460 may be used in place of, in conjunction with, or in addition to the storage device
420 or authentication processor
430. It should be appreciated by those familiar with the state of the art such authentication
servers exist in such forms as Active Directory or RADIUS and are deployed to provide
remote user authentication and accounting. Principles of the invention demonstrate
the integration of other authentication servers
460 may substantially increase the number of users able to be authenticated without the
need for enrolment of users and allow the integration of existing authentication infrastructure
with the described principles of the invention.
[0033] FIG.
5 depicts input criteria for an embodiment of the present invention. A set of human
hands and wrists are depicted
500, where the basic structures are noted which may be used as inputs for the sensor
110, 210a-210n, 410 to create biometric signals to be detected
310 and enrolled to be stored on the storage device
120, 220, 420 as the predefined series of biometric signals to be accessed
320. A left hand and wrist
540a and right hand and wrist
540b are shown noting each has several structures that may be utilized individually, in
sequence, or simultaneously, to create biometric signals for creating an authorization
signal. These structures for the left hand
540a may include the left thumb
510a, left pointer finger
510b, left middle finger
510c, left ring finger
510d, left pinky finger
510e, left palm
520a and, left wrist
530a. For the right hand
540b may include the right thumb
510j, right pointer finger
510i, right middle finger
510h, right ring finger
510g, right pinky finger
510f, right palm
520b and, right wrist
530b. It is understood by those skilled in the art these structures may provide fingerprint,
palm print, or vein pattern biometric signals, or any permutation thereof.
[0034] It is well understood that singular biometric inputs, such as a right hand index
finger
510i to a sensor
110, 210, 410 are regularly used to authenticate a wide array of technologies, such as a phone
with an integrated biometric sensor dedicated to a human fingerprint. While such a
method may be easy to remember and is readily accessible, it is also relatively insecure
with both a set of fingerprints from a left
540a and right
540b hand as well as the technology to be accessed. In such as case even if only a single
chance were given to access a technology, the probability would be 1 in 10 [10%].
However, principles of the invention demonstrate that biometric inputs, such as those
provided by the structures in FIG.
5, may be presented in any permutation and in any length to allow for easily recalled,
readily accessible, and extremely robust authentication.
[0035] In one embodiment, if a ten (10) element authentication string was necessary, and
only the fingers of the left
510a - 510e and right
510f - 510j hands were used, presented sequentially, the probability for a correct authentication
would now become (1/10)
10 [.00000001%], far more robust than the generally available authentication available
in the state of the art. Further embodiments consider the remaining structures in
FIG
5. Such as the left
520a and right
520b palms and left
530a and right
530b wrists. Utilizing these additional structures further increases the robustness of
the authentication process. It should be appreciated to those familiar with the state
of the art, the number of elements required to present is limited only by the available
resources within the system and may be quite large.
[0036] To ease the difficulty of recalling the precise sequence of biometric inputs available
in FIG
5, each individual biometric element may be assigned a term for easy recall by a user.
As an example, if the structures for the left hand
540a are assigned left thumb
510a "1", left pointer finger
510b "2", left middle finger
510c "3", left ring finger
510d "4", left pinky finger
510e "5", left palm
520a "6" and, left wrist
530a "7". For the right hand
540b may be assigned right thumb
510j "8", right pointer finger
510i "9", right middle finger
510h "0", right ring finger
510g "11", right pinky finger
510f "12", right palm
520b "13" and, right wrist
530b "14". An easy to recall, always available, and robust biometric sequence may be created
by remembering 8-6-7-5-3-0-9 corresponding to right thumb
510j, left palm
520a, left wrist
530a, left pinky finger
510e, left middle finger
510c, right middle finger
510h, right pointer finger
510i. It should be appreciate to one skilled in the art, other such assignments are possible
to allow easily recalled yet robust biometric sequence inputs to allow multifactor
authentication.
[0037] In another embodiment, the sensor
110, 201a-210n, 410 capable of detecting a series of biometric signals further comprises a display coupled
to the sensor configured to detect the biometric signals. This coupling of display
and sensor allow information to be presented to a user seeking to gain authentication.
In yet another embodiment, the display coupled to the sensor configured to detect
the biometric signals may detect the biometric signals at any location within the
display coupled with a sensor. As an example and with reference to FIG.
6, a display coupled to the sensor configured to detect the biometric signals
610, displays information such as, but not limited to alpha numeric characters, which
correspond to locations on the display configured to receive biometric inputs
620a - 620n. These biometric input sources such as a left hand
630 and right hand
640 comprise one embodiment of a complete multi-factor biometric authentication system
600. Utilizing these embodiments adds yet another layer of authentication where a user
must provide the correct biometric signal to the correct alpha numeric character displayed
within the display coupled with a sensor. It should be appreciated that various embodiments
exist with regard to the number, shape, or size of available biometric points available
on the display as well as alpha numeric or other pictograph character sets which may
be displayed on the display coupled to the sensor configured to detect the biometric
signals
610.
[0038] An illustrative example utilizing an embodiment of the system in FIG. 6 follows.
From the previous example in FIG
5, the structures for the left hand
540a are assigned left thumb
510a "1", left pointer finger
510b "2", left middle finger
510c "3", left ring finger
510d "4", left pinky finger
510e "5", left palm
520a "6" and, left wrist
530a "7". For the right hand
540b may be assigned right thumb
510j "8", right pointer finger
510i "9", right middle finger
510h "0", right ring finger
510g "11", right pinky finger
510f "12", right palm
520b "13" and, right wrist
530b "14". This information is coupled with FIG. 6, where, the top left button
620a shows the character "a" and moving from left to right and top to bottom, "c"
620b, "e"
620c, "d"
620d, "1"
620e, "o"
620f, "s"
620g, "t"
620h, "p"
620i, "u"
620j, "n"
620k, "k"
620n, rows are formed that spell "aced", "lost", and "punk" respectively.
[0039] Using the above an easy to recall, always available, and robust biometric sequence
may be created by remembering 8-6-7-5-3-0-9 corresponding to the biometric inputs
630, 640 and the word "paddles" corresponding to the represented images on the screen
610 where
knowledge of both in addition to the proper biometric (
inherence) inputs are necessary for authentication. In this example the user's right thumb
510j must be touched to in screen character "p"
620i. The sequence continues with left palm
520a, left wrist
530a, left pinky finger
510e, left middle finger
510c, right middle finger
510h, right pointer finger
510i corresponding to the word "paddles" represented images on the screen "p"
620i, "a"
620a, "d"
620d, "d"
620d, "1"
620e, "e"
620c, "s"
620g. In this way
inherence factor (the user's own physiological structures) is coupled with multiple
knowledge factors (knowledge of what fingers corresponds to what number and a corresponding
"password" on the screen
610). It should be appreciate to one skilled in the art, other such assignments are possible
to allow easily recalled yet robust biometric sequence inputs to allow multifactor
authentication. Further as discussed supra other authentication types may be coupled
with principles of the invention to provide further security.
[0040] Having thus described several aspects of at least one embodiment of this invention
in considerable detail with reference to certain preferred version thereof, it is
to be appreciated various alterations, modifications, and improvements will readily
occur to those skilled in the art. Such alterations, modifications, and improvements
are intended to be part of this disclosure, and are intended to be within the scope
of the invention. Accordingly, the foregoing description and drawings are by way of
example only.
1. An authentication and access control system, comprising:
a sensor configured to detect a series of biometric signals;
a storage device configured to store a predefined series of biometric signals; and
an authentication processor that compares the series of biometric signals received
from the sensor to the predefined series of biometric signals and transmits an authentication
signal if the detected and predefined biometric signals match.
2. The authentication and access control system of claim 1, wherein the sensor is further
defined that the series of biometric signals is created by one of a fingerprint, palm
print, or vein pattern or any permutation thereof.
3. The authentication and access control system of claim 1 or 2, wherein the authentication
signal automatically executes one of physical access, electronic access, or transmits
information.
4. The authentication and access control system of claim 1, 2 or 3, further comprising
a communication interface.
5. The authentication and access control system of any preceding claim, further comprising
a lock mechanism.
6. The authentication and access control system of any preceding claim, further comprising
an authentication server connected to the authentication processor which contains
the predefined series of biometric signals.
7. The authentication and access control system of any preceding claim, further comprising
a display coupled to the sensor configured to detect the series of biometric signals
at any location within the display.
8. A method of authentication and access control, comprising:
detecting, a series of biometric signals with a sensor;
accessing, a predefined series of biometric signals from a storage device;
comparing, the series of biometric signals received from the sensor to predefined
series of biometric signals accessed from the storage device with an authentication
processor; and
transmitting, an authentication signal if the detected and predefined biometric signals
match.
9. The authentication and access control method of claim 8, wherein the sensor is configured
to detect biometric signals created by one of a fingerprint, palm print, vein pattern,
or any permutation thereof.
10. The authentication and access control method of claim 8 or 9, wherein the transmitting
of an authentication signal automatically authorizes physical access, electronic access,
or transmission of information.
11. The authentication and access control method of claim 8, 9 or 10 further comprising
transmitting the sensed biometric signals, predefined series of biometric signals,
or authentication signal through a communication interface to an external network.
12. The authentication and access control method of any of claims 8 to 11, further comprising
articulating a lock mechanism on transmitting the authentication signal.
13. The authentication and access control method of any of claims 8 to 12, further comprising
communicating with an authentication server configured to process the predefined series
of biometric signals.
14. The authentication and access control method of any of claims 8 to 13, further comprising
a display coupled to the sensor configured to detect the series of biometric signals
at any location within the display.